A post from the user account seasalt123 saying that he or she has taken possession of the personal data of Bkav customers. Photo by VnExpress / Luu Quy
The personal data of more than 200 users of the cybersecurity company BKAV was published online recently, the second time this year that the company has faced security problems.
Vietnamese internet users discovered on Tuesday that the data had been posted on a data trading website on Sunday by a user named seasalt123.
The user said he got the data from Breport.vn, a website that Bkav uses to receive reports on its products and services.
The website indicates that it was under maintenance at the time of publication.
Bkav has confirmed the leak.
“We have accidentally exposed the email addresses and possibly the phone numbers of around 200 customers,” he said.
The website was supposed to be deployed from a server that belongs to Amazon’s cloud, but the data was leaked due to a bug from Bkav, he said.
“This does not affect other official services that are being implemented from our internal infrastructure,” the company said, apologizing to its clients.
This was the second time this year that Bkav, a leading cybersecurity company in Vietnam that also produces smartphones and wireless headsets, has faced cybersecurity scrutiny.
The first time was in August when a hacker called chunxong offered to sell Bkav’s source codes at a price of $ 250,000.
The hacker even posted a video showing how he hacked into Bkav’s system despite the company claiming that the codes were “leaked by a formal employee.”
In the first nine months of this year, 16 major data breaches were reported in Vietnam with a total of nearly 100,000 leaked online accounts, according to a report by Viettel Cyber Security.